Lucene search

PRIOn knowledge basePRION:CVE-2010-4297

HistoryDec 06, 2010 - 9:05 p.m.

Command injection

2010-12-0621:05:00

PRIOn knowledge base

www.prio-n.com

7.1 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

40.1%

JSON

The VMware Tools update functionality in VMware Workstation 6.5.x before 6.5.5 build 328052 and 7.x before 7.1.2 build 301548; VMware Player 2.5.x before 2.5.5 build 328052 and 3.1.x before 3.1.2 build 301548; VMware Server 2.0.2; VMware Fusion 2.x before 2.0.8 build 328035 and 3.1.x before 3.1.2 build 332101; VMware ESXi 3.5, 4.0, and 4.1; and VMware ESX 3.0.3, 3.5, 4.0, and 4.1 allows host OS users to gain privileges on the guest OS via unspecified vectors, related to a “command injection” issue.

CPENameOperatorVersion
esxeq3.5
esxeq4.1
esxeq4.0
esxieq3.5
esxieq4.1
esxieq4.0
fusioneq2.0.1
fusioneq2.0.2
fusioneq3.1.2
fusioneq2.0.5

Name	Operator	Version
esx	eq	3.5
esx	eq	4.1
esx	eq	4.0
esxi	eq	3.5
esxi	eq	4.1
esxi	eq	4.0
fusion	eq	2.0.1
fusion	eq	2.0.2
fusion	eq	3.1.2
fusion	eq	2.0.5

Rows per page:

1-10 of 371

References

lists.vmware.com/pipermail/security-announce/2010/000112.html

osvdb.org/69590

secunia.com/advisories/42480

secunia.com/advisories/42482

www.securityfocus.com/archive/1/514995/100/0/threaded

www.securityfocus.com/bid/45166

www.securitytracker.com/id?1024819

www.securitytracker.com/id?1024820

www.vmware.com/security/advisories/VMSA-2010-0018.html

www.vupen.com/english/advisories/2010/3116

7.1 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

40.1%

JSON

Related for PRION:CVE-2010-4297